While I was checking my feeds the other day I noticed the article here from The Register. The gist of it is a Russian startup has a service that will disrupt torrents. The technical information is still sketchy, but here’s a quote of a quote from The Register article: “We used a number of servers to make a connection to each and every p2p client that distributed this film,” Klimenko says of the technology test. “Then Pirate Pay sent specific traffic to confuse these clients about the real I.P. addresses of other clients and to make them disconnect from each other.” Sounds suspiciously close to the old TCP spoofed reset denial of service from back in the day to me. Rather sending sending RST’s they’re just sending bogus IP info or something.
This seems like it would be on the wrong side of the law in some countries. Maybe not, could be a grey area. My thought: Is DoS-ing a service you (or your investors) think is wrong make it rightlegal? And let’s look at what a DoS is from wikipedia “In computing a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer or network resource unavailable to its intended users. ” The Pirate Pay sounds like they’re DoS-ing a service to me. I’d be interested to hear what the community has to say? I don’t want to turn this into a “pro-piracyanti-piracy” debate, this more about the principal behind their approach: What do you think about a company using tools or techniques to disrupt operations or traffic on other users’ machines?
One thought on “Two Wrongs Make A Right?”
It seems to me that this technique will cause more harm than good in the long run. Even getting beyond the direct DoS of the targeted service, this is likely to clog internet links causing a DoS for other, benign services as well.